入侵检测系统针对基于信号的SIP攻击，通过定时HCPN

The Second International Conference on Availability, Reliability and Security (ARES'07) Pub Date : 2007-04-10 DOI:10.1109/ARES.2007.102

Yanlan Ding, Guiping Su

{"title":"入侵检测系统针对基于信号的SIP攻击，通过定时HCPN","authors":"Yanlan Ding, Guiping Su","doi":"10.1109/ARES.2007.102","DOIUrl":null,"url":null,"abstract":"As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"Intrusion detection system for signal based SIP attacks through timed HCPN\",\"authors\":\"Yanlan Ding, Guiping Su\",\"doi\":\"10.1109/ARES.2007.102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on\",\"PeriodicalId\":383015,\"journal\":{\"name\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-04-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2007.102\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Second International Conference on Availability, Reliability and Security (ARES'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2007.102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

会话发起协议由于其简单、功能强大而被广泛应用于当前的IP电话业务中，但它暴露的漏洞使其容易受到各种攻击，特别是基于信号的sip攻击。针对SIP协议存在的安全问题，本文提出了一种基于反馈机制的误用和异常检测相结合的入侵检测系统设计方案。采用了一种定时HCPN模型，该模型适合于四机SIP的IDS驱动和仿真。并针对特定的攻击提供了一些检测方案，如针对CANCEL攻击的两种召回方法等

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Intrusion detection system for signal based SIP attacks through timed HCPN

As session initiation protocol is becoming widely used for the current IP telephony services due to its simplicity and powerful functions, vulnerabilities it exposes make it susceptible to various attacks especially signal based SIP-specific attacks. Based on the security issues of SIP, in this paper, we propose the design of an intrusion detection system combined with misuse and anomaly detection for these threats by a feedback mechanism. A timed HCPN model is utilized and suited to drive and simulate the IDS for SIP with four machines. Also some detection solutions for specific attacks are provided like two recall methods for CANCEL attack and so on

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The Second International Conference on Availability, Reliability and Security (ARES'07)

自引率

0.00%

发文量